#include "base/base_export.h"
#include "base/check.h"
-#include "base/hash/hash.h"
+#include "base/containers/span.h"
#include "base/token.h"
namespace base {
class BASE_EXPORT UnguessableToken {
public:
- // Create a unique UnguessableToken.
+ // Create a unique UnguessableToken. It's guaranteed to be nonempty.
static UnguessableToken Create();
// Returns a reference to a global null UnguessableToken. This should only be
// default constructor.
static const UnguessableToken& Null();
- // Return a UnguessableToken built from the high/low bytes provided.
+ // Return an UnguessableToken built from the high/low bytes provided.
// It should only be used in deserialization scenarios.
//
- // NOTE: If the deserialized token is empty, it means that it was never
+ // NOTE: If the returned `absl::optional` does not have a value, it means that
+ // `high` and `low` correspond to an `UnguesssableToken` that was never
// initialized via Create(). This is a security issue, and should be handled.
- static UnguessableToken Deserialize(uint64_t high, uint64_t low);
+ static absl::optional<UnguessableToken> Deserialize(uint64_t high,
+ uint64_t low);
// Creates an empty UnguessableToken.
// Assign to it with Create() before using it.
#if defined(UNIT_TEST)
static UnguessableToken CreateForTesting(uint64_t high, uint64_t low) {
- return Deserialize(high, low);
+ absl::optional<UnguessableToken> token = Deserialize(high, low);
+ DCHECK(token.has_value());
+ return token.value();
}
#endif